Workshop on Usable Security

colocated with

Financial Cryptography and Data Security 2012

February 27 - March 2, 2012

Many aspects of data security combine technical and human factors. If a highly secure system is unusable, users will move their data to less secure but more usable systems. Problems with usability are a major contributor to many high-profile security failures today.

However, usable security is not well-aligned with traditional usability for three reasons. First, security is rarely the desired goal of the individual. In fact, security is usually orthogonal and often in opposition to the actual goal. Second, security information is about risk and threats. Such communication is most often unwelcome. Increasing unwelcome interaction is not a goal of usable design. Third, since individuals must trust their machines to implement their desired tasks, risk communication itself may undermine the value of the networked interaction. For the individual, discrete technical problems are all understood under the rubric of online security (e.g., privacy from third parties use of personally identifiable information, malware). A broader conception of both security and usability is therefore needed for usable security.

The workshop on Usable Security invites submissions on all aspects of human factors and usability in the context of security. USEC'12 aims to bring together researchers already engaged in this interdisciplinary effort with other researchers in areas such as economics, intelligent interactions, artificial intelligence, theoretical computer science, and modeling. We encourage AI, HCI, security, psychologists, risk analysts, computer scientists, security specialists, business school faculty, and industry experts to submit original research. We particularly encourage collaborative research from authors in multiple fields.


Chairs: L Jean Camp and Jim Blythe.

Program Committee:

  • Sadia Afroz, Drexel University
  • Ross Anderson, University of Cambridge
  • Matt Bishop, UC Davis
  • Pamela Briggs, Northumbria University
  • Tamzen Cannoy, PGP
  • Rachna Dhamija, Usable Security Systems
  • Chris Demchak, US Naval War College
  • Neil Gandal, Tel Aviv University
  • Seymour Goodman, Georgia Tech
  • Peter Gutmann, University of Auckland
  • Raquel Hill, Indiana University
  • Tiffany Hyun-Jin Kim, Carnegie Mellon
  • Brian LaMacchia, Microsoft
  • William Lehr, MIT
  • Andrew Patrick, Office of the Privacy Commissioner of Canada
  • Angela Sasse, University College London
  • Daniel Schutzer, Financial Services Roundtable
  • Mark Seiden, MSB Associates
  • Hovav Shacham, UC San Diego
  • Sara Sinclair, Google
  • Sean Smith, Dartmouth College
  • Gene Spafford, Purdue University
  • Frank Stajano, University of Cambridge
  • Sid Stamm, Mozilla
  • Douglas Stebila, Queensland University of Technology
  • Nicholas Weaver, ICSI Berkeley
  • Tara Whalen, Carleton University

Submissions and Important Dates

We invite research papers of at most 12 pages in LNCS format, that are not previously published or currently in submission at other conferences or workshops. We also invite short papers of up to 6 pages covering work in progress, novel or provocative ideas. These will be selected based on their potential to spark interesting discussions at the workshop.

Papers must be submitted through the workshop submission site.

Submissions must be received at the site by November 16th November 21st.
Authors will be notified of acceptance by December 16th.
A final version for the workshop should be received by January 16th.